package com.ogilvy.audi.security;


import com.ogilvy.audi.Constants;
import com.ogilvy.audi.model.Resource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;
import org.springframework.stereotype.Service;

import javax.servlet.ServletContext;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;


/** */

/**
 * 最核心的地方，就是提供某个资源对应的权限定义，即getAttributes方法返回的结果。 此类在初始化时，应该取到所有资源及其对应角色的定义。
 *
 */
@Service
public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
       protected final Log log = LogFactory.getLog(getClass());
// @Autowired
// private PubAuthoritiesResourcesHome pubAuthoritiesResourcesHome;

 private UrlMatcher urlMatcher = new AntUrlPathMatcher();


 public MyInvocationSecurityMetadataSourceService() {
//  loadResourceDefine();
 }




        public Collection<ConfigAttribute>  getAttributes(Object filter) throws IllegalArgumentException {
        FilterInvocation filterInvocation = (FilterInvocation) filter;
        String requestURI = filterInvocation.getRequestUrl();

       //    log.debug("The requestURI is "+requestURI);
          //String grantedAuthorities = null;
            Collection     grantedAuthorities=null;
               List<List> urlAuthoriteMaps= this.getUrlAuthorities(filterInvocation);
     for (int i = 0; i < urlAuthoriteMaps.size(); i++) {
            boolean isbreak=false;
            List<Resource> urlAuthorities=  urlAuthoriteMaps.get(i);
                  for(Resource resource:urlAuthorities){
                      String url = resource.getValue();

                       if(urlMatcher.pathMatchesUrl(url, requestURI)) {
                          grantedAuthorities = resource.getAuthorities();
                          isbreak=true;
                          break;
                       }
                  }

             if(isbreak)
                 break;
          }



       return grantedAuthorities;
    }

    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;  //To change body of implemented methods use File | Settings | File Templates.
    }

    public boolean supports(Class<?> arg0) {

     return true;
    }


     @SuppressWarnings("unchecked")
	private List getUrlAuthorities(FilterInvocation filterInvocation) {
        List maps=new ArrayList();
        ServletContext servletContext = filterInvocation.getHttpRequest().getSession().getServletContext();
        List<Resource> frontMap=(List) servletContext.getAttribute(Constants.DEFAULT_FRONT_URL_AUTHORITIES_NAME);
        List<Resource> backMap=(List) servletContext.getAttribute(Constants.DEFAULT_BACK_URL_AUTHORITIES_NAME);
        List<Resource> defaultMap=(List) servletContext.getAttribute(Constants.DEFAULT_URL_AUTHORITIES_NAME);
        maps.add(frontMap) ;
        maps.add(backMap) ;
        maps.add(defaultMap) ;
        return maps;
    }

}


